10 Tough Questions CEOs Are Asking CISOs
CEOs today are prepared with better questions than 'Are we secure,' and chief information security officers had better be ready to answer.
How Did This Happen?
Despite best efforts (including having a CISO on board), breaches and other security incidents do happen. It's a reality for any veteran security manager. When it does occur, be prepared to answer why it happened and what lessons have been learned.
"Incidents and breaches need a bad guy; you usually can’t catch them, so the CISO is the next logical recipient of the label," Gigamon's Hamm says. "Be ready to articulate the risk that 'we' accepted when we chose the controls, the budget, and our tolerance level. Security is a team sport. Remind the CEO that we don't have a magic security wand to ward off bad guys."
Are We Protected Against a Breach?
Many business executives think having a CISO will "unequivocally" prevent breaches from occurring, says James Nelson, vice president of information security at Illumio. "Unfortunately, this is the wrong way to think about this challenge," he says.
Faced with this question, CISOs should be prepared to explain that security is a holistic, ongoing, organizationwide effort, and to list the factors that reduce (but cannot eliminate) the likelihood of a breach.
"The primary goal of security leaders today should be to help his or her organization be successful through security. It requires technical expertise, stakeholder management, political acumen, communication skills, and more to do the CISO job well," says Nelson.
"For CISOs, this is one of those 'keep-you-up-at night' questions," adds Ed Bellis, CTO and co-founder of Kenna Security and former CISO for Orbitz. "The Equifax breach is the poster child for this, but apply the thinking to your company or organization. Where are your biggest blind spots, and what would it take to eliminate them?"
Joan Goodchild is a veteran journalist, editor, and writer who has been covering security for more than a decade. She has written for several publications and previously served as editor-in-chief for CSO Online.